• No results found

Analyzing Timed Systems Using Tree Automata

N/A
N/A
Protected

Academic year: 2022

Share "Analyzing Timed Systems Using Tree Automata"

Copied!
83
0
0

Loading.... (view fulltext now)

Full text

(1)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Analyzing Timed Systems Using Tree Automata

S Akshay1, Paul Gastin2 and Krishna Shankara Narayanan1

1Dept of CSE, IIT Bombay, India,

2LSV, ENS Cachan, France.

CONCUR 2016, Quebec 26 Aug 2016

1

(2)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Timed automata and timed runs

q1 x≤3 q2

a,x := 0

(3)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Timed automata and timed runs

q1 x3 q2 q3

a,x:= 0

y 4 b,y:= 0

x2 a,x:= 0

X 0 a,3 b,4 a,5

2

(4)

Timed automata and timed runs

q1 x3 q2 q3

a,x:= 0

y 4 b,y:= 0

x2 a,x:= 0

X 0 a,3 b,4 a,5

× 0 a,3 b,5 a,7

× 0 a,3 b,4 a,5 a,8 a,7

(5)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Timed automata and timed runs

q1 x3 q2 q3

a,x:= 0

y 4 b,y:= 0

x2 a,x:= 0

X 0 a,3 b,4 a,5

× 0 a,3 b,5 a,7

× 0 a,3 b,4 a,5 a,8 a,7

The timed languageLT(A) = set of suchgood timed words Emptiness problem : GivenA, is LT(A) =∅?

2

(6)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Emptiness for timed automata

A well-studied problem with a now standard approach

many optimizations since... Timed pushdown automata:

Our point-de-depart

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

(7)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Emptiness for timed automata

A well-studied problem with a now standard approach Timed automata: Region construction [Alur-Dill’90], and many optimizations since...

Timed pushdown automata:

Our point-de-depart

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

3

(8)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Emptiness for timed (pushdown) automata

A well-studied problem with a now standard approach Timed automata: Region construction [Alur-Dill’90], and many optimizations since...

Timed pushdown automata:

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

(9)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Emptiness for timed (pushdown) automata

A well-studied problem with a now standard approach Timed automata: Region construction [Alur-Dill’90], and many optimizations since...

Timed pushdown automata: Lifting region construction – [Bouajjani et al. ’94],[Abdulla et al. 2012]

Our point-de-depart

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

3

(10)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Emptiness for timed (pushdown) automata

A well-studied problem with a now standard approach Timed automata: Region construction [Alur-Dill’90], and many optimizations since...

Timed pushdown automata: Lifting region construction – [Bouajjani et al. ’94],[Abdulla et al. 2012]

An orthogonal approach: [Clemente-Lasota 2015]

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

(11)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Emptiness for timed (pushdown) automata

A well-studied problem with a now standard approach Timed automata: Region construction [Alur-Dill’90], and many optimizations since...

Timed pushdown automata: Lifting region construction – [Bouajjani et al. ’94],[Abdulla et al. 2012]

Common feature:

represent behaviors as timed words and,

use abstractions to reduce to finite automata over words

Our point-de-depart

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

3

(12)

Emptiness for timed (pushdown) automata

A well-studied problem with a now standard approach Timed automata: Region construction [Alur-Dill’90], and many optimizations since...

Timed pushdown automata: Lifting region construction – [Bouajjani et al. ’94],[Abdulla et al. 2012]

Common feature:

represent behaviors as timed words and,

use abstractions to reduce to finite automata over words

Our point-de-depart

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

(13)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Emptiness for timed (pushdown) automata

A well-studied problem with a now standard approach Timed automata: Region construction [Alur-Dill’90], and many optimizations since...

Timed pushdown automata: Lifting region construction – [Bouajjani et al. ’94],[Abdulla et al. 2012]

Common feature:

represent behaviors as timed words and,

use abstractions to reduce to finite automata over words

Our point-de-depart

representbehaviors as graphs with timing constraints use tree interpretations to reduce to tree automata

A higher level and more powerful formalism Yields simpler proofs for more complicated systems A new technique which does not depend on regions/zones

3

(14)

Outline

1 Timed behaviours as graphs

2 Checking realizability

3 Interpreting graphs into trees

4 Bounding the (split-)width of graphs

5 Conclusion & future work

(15)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Abstracting paths of a timed system as graphs

q1 x3 q2 q3

a,x:= 0

y4 b,y:= 0

x2 a,x:= 0

a b a

3 2

4

5

(16)

Abstracting paths of a timed system as graphs

q1 x3 q2 q3

a,x:= 0

y4 b,y:= 0

x2 a,x:= 0

a b a

3 2

4

a b a b a

3 2

4

2

4

(17)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Abstracting paths of a timed system as graphs

q1 x3 q2 q3

a,x:= 0

y4 b,y:= 0

x2 a,x:= 0

a b a

0 0 0

3 2

4

a b a b a

0 0 0 0 0

3 2

4

2

4

5

(18)

Abstracting paths of a timed system as graphs

q1 x3 q2 q3

a,x:= 0

y4 b,y:= 0

x2 a,x:= 0

a b a

0 0 0

3 2

4

a b a b a

0 0 0 0 0

3 2

4

2

4

set of such time-constrained graphs, TC-words = LTCW(A).

(19)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Abstracting paths of a timed system as graphs

q1 x3 q2 q3

a,x:= 0

y4 b,y:= 0

x2 a,x:= 0

a b a

0 0 0

3 2

4

a b a b a

0 0 0 0 0

3 2

4

2

4

set of such time-constrained graphs, TC-words =LTCW(A).

What are some properties of such graphs?

5

(20)

Abstracting paths of a timed system as graphs

q1 x3 q2 q3

a,x:= 0

y4 b,y:= 0

x2 a,x:= 0

a b a

0 0 0

3 2

4

a b a b a

0 0 0 0 0

3 2

4

2

4

set of such time-constrained graphs, TC-words =LTCW(A).

What are some properties of such graphs?

What is the link betweenLTCW(A) andLT(A)?

(21)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

TC-words and their relation to timed words

Properties of TC-words and timed words

1 Not all (linearly-ordered) graphs are TC-words

a b a

6

(22)

TC-words and their relation to timed words

Properties of TC-words and timed words

1 Not all (linearly-ordered) graphs are TC-words

X a b a

(23)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

TC-words and their relation to timed words

Properties of TC-words and timed words

1 Not all (linearly-ordered) graphs are TC-words

× a b a

This graph cannot be generated by any timed automaton.

6

(24)

TC-words and their relation to timed words

Properties of TC-words and timed words

1 Not all (linearly-ordered) graphs are TC-words

× a a a b b

This graph cannot be generated by any timed automaton.

(25)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

TC-words and their relation to timed words

Properties of TC-words and timed words

1 Not all (linearly-ordered) graphs are TC-words

X a a a b b

This graph cannot be generated by any timed automaton.

But, it can be generated by a timed pushdown automaton!.

6

(26)

TC-words and their relation to timed words

Properties of TC-words and timed words

1 Not all (linearly-ordered) graphs are TC-words

2 A TC-word can berealized by (infinitely) many timed words

X 0 a 0 b 0 a

3 2

4

ǫ,0 a,3 b,4 a,5

ǫ,0 a,2.4 b,4.3 a,4.3

(27)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

TC-words and their relation to timed words

Properties of TC-words and timed words

1 Not all (linearly-ordered) graphs are TC-words

2 A TC-word can berealized by (infinitely) many timed words

3 However, a TC-word may berealized by no timed word too!

a b a

0 0 0

3 2

4

a b a b a

3 2

4

2

4

0 0 0 0 0

6

(28)

Realizability of TC-words

Realizationof a TC-word is a timed word satisfying constraints A TC-word isrealizable if it has a timed word realization.

(29)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Realizability of TC-words

Realizationof a TC-word is a timed word satisfying constraints A TC-word isrealizable if it has a timed word realization.

Recall: for a timed system A,LTCW(A) denotes the set of TC-words accepted by it.

7

(30)

Realizability of TC-words

Realizationof a TC-word is a timed word satisfying constraints A TC-word isrealizable if it has a timed word realization.

Recall: for a timed system A,LTCW(A) denotes the set of TC-words accepted by it.

Difference betweenLTCW(A) andLT(A):

q1 x3 q2 q3

a,x:= 0

y4 b,y:= 0

x2 a,x:= 0

ǫ,0 a,2.5 b,4.2 a,4.4

a b a

0 0 0

3 2

4

LTCW(A) is over a finite alphabet, while LT(A) is not.

(31)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Realizability of TC-words

Realizationof a TC-word is a timed word satisfying constraints A TC-word isrealizable if it has a timed word realization.

Recall: for a timed system A,LTCW(A) denotes the set of TC-words accepted by it.

Theorem: LT(A) = Realizations(LTCW(A))

7

(32)

Realizability of TC-words

Realizationof a TC-word is a timed word satisfying constraints A TC-word isrealizable if it has a timed word realization.

Recall: for a timed system A,LTCW(A) denotes the set of TC-words accepted by it.

Theorem: LT(A) = Realizations(LTCW(A))

The Emptiness problem

For a given timed (pushdown) automatonA,

LT(A)6=∅ iff there exists a realizable TC-word inLTCW(A).

(33)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Realizability of TC-words

Realizationof a TC-word is a timed word satisfying constraints A TC-word isrealizable if it has a timed word realization.

Recall: for a timed system A,LTCW(A) denotes the set of TC-words accepted by it.

Theorem: LT(A) = Realizations(LTCW(A))

The Emptiness problem

For a given timed (pushdown) automatonA,

LT(A)6=∅ iff there exists a realizable TC-word inLTCW(A).

Thus, the question is: how to reason about these graphs?

7

(34)

Checking realizability of a single TC-word

a b a b a

3 2

4

2

4

0 0 0 0 0

(35)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Checking realizability of a single TC-word

a b a b a

3 2

4

2

4

0 0 0 0 0

a b a b a

0 0 0 0 0

3 2

−4

2

−4

8

(36)

Checking realizability of a single TC-word

a b a b a

3 2

4

2

4

0 0 0 0 0

a b a b a

0 0 0 0 0

3 2

−4

2

−4

A simple exercise

A TC-word is realizable iff its directed graph has no negative cycle.

(37)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

How to reason about the set of graphs LTCW(A)?

9

(38)

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

(39)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

Graphs are well-formed

Graphs define an abstract path in the given timed system.

Graphs are realizable, i.e., no negative weight cycle.

9

(40)

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

Graphs are well-formed

Graphs define an abstract path in the given timed system.

Graphs are realizable, i.e., no negative weight cycle.

Then, by Courcelle’s theory, we obtain a finite tree automaton (by interpreting the graphs into trees).

(41)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

Graphs are well-formed

Graphs define an abstract path in the given timed system.

Graphs are realizable, i.e., no negative weight cycle.

Then, by Courcelle’s theory, we obtain a finite tree automaton (by interpreting the graphs into trees).

Same strategy as [Madhusudan & Parlato’11, Aiswarya et al

’12]for untimed pushdown systems.

9

(42)

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

Graphs are well-formed

Graphs define an abstract path in the given timed system.

Graphs are realizable, i.e., no negative weight cycle.

Then, by Courcelle’s theory, we obtain a finite tree automaton (by interpreting the graphs into trees).

We show

Step 1: graphs from T(PD)A have a bounded (split-)width.

(43)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

Graphs from timed systems are different!

We show

Step 1: graphs from T(PD)A have a bounded (split-)width.

9

(44)

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

Graphs are well-formed

Graphs define an abstract path in the given timed system.

Graphs are realizable, i.e., no negative weight cycle.

Then, by Courcelle’s theory, we obtain a finite tree automaton (by interpreting the graphs into trees).

We show

Step 1: graphs from T(PD)A have a bounded (split-)width.

(45)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

X Graphs are well-formed

X Graphs define an abstract path in the given timed system.

? Graphs are realizable, i.e., no negative weight cycle.

Then, by Courcelle’s theory, we obtain a finite tree automaton (by interpreting the graphs into trees).

We show

Step 1: graphs from T(PD)A have a bounded (split-)width.

9

(46)

The Emptiness problem

For a given timed (pushdown) automatonA,

Does there exist a TC-word inLTCW(A), whose directed graph has no negative cycle?

If we can show that:

1 Graphs have a bounded-width.

2 Each property is expressible in MSO.

X Graphs are well-formed

X Graphs define an abstract path in the given timed system.

? Graphs are realizable, i.e., no negative weight cycle.

Then, by Courcelle’s theory, we obtain a finite tree automaton (by interpreting the graphs into trees).

We show

Step 1: graphs from T(PD)A have a bounded (split-)width.

Step 2: directly build a finite bottom-up tree automaton.

(47)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Complexity bounds

Step 1: Bound on (split-)width for timed (pushdown) systems Step 2: Directly building the tree automaton allows us to get tight complexity bounds.

10

(48)

Complexity bounds

Step 1: Bound on (split-)width for timed (pushdown) systems Step 2: Directly building the tree automaton allows us to get tight complexity bounds.

Main results

1 For timed automaton Awith clocks X, all simple TC-words of Ahave (split-)width K ≤ |X|+ 4 .

(49)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Complexity bounds

Step 1: Bound on (split-)width for timed (pushdown) systems Step 2: Directly building the tree automaton allows us to get tight complexity bounds.

Main results

1 For timed (pushdown) automatonAwith clocks X, all simple TC-words of A have (split-)widthK ≤ |X|+ 4(4|X|+ 6).

10

(50)

Complexity bounds

Step 1: Bound on (split-)width for timed (pushdown) systems Step 2: Directly building the tree automaton allows us to get tight complexity bounds.

Main results

1 For timed (pushdown) automatonAwith clocks X, all simple TC-words of A have (split-)widthK ≤ |X|+ 4(4|X|+ 6).

2 We can build a tree automaton of size exponential inK2 to check realizability (details in paper).

(51)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Complexity bounds

Step 1: Bound on (split-)width for timed (pushdown) systems Step 2: Directly building the tree automaton allows us to get tight complexity bounds.

Main results

1 For timed (pushdown) automatonAwith clocks X, all simple TC-words of A have (split-)widthK ≤ |X|+ 4(4|X|+ 6).

2 We can build a tree automaton of size exponential inK2 to check realizability (details in paper).

3 Corollary: PSPACE (Exptime) emptiness for timed (pushdown) automata.

10

(52)

Complexity bounds

Step 1: Bound on (split-)width for timed (pushdown) systems Step 2: Directly building the tree automaton allows us to get tight complexity bounds.

Main results

1 For timed (pushdown) automatonAwith clocks X, all simple TC-words of A have (split-)widthK ≤ |X|+ 4(4|X|+ 6).

2 We can build a tree automaton of size exponential inK2 to check realizability (details in paper).

3 Corollary: PSPACE (Exptime) emptiness for timed (pushdown) automata.

Lift to timed multi-pushdown systems with bounded rounds Easy generalization, new decidability result & complexity too!

(53)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Step 0: Simplifying the TC-words

We first break TC-words into “simpler” graphs, so that each node has only one upper/lower time constraint attached to it.

For example,

is converted to:

To maintain atomicity, we use a single extra clock & add a constraint to each event:

ai [0,0]

11

(54)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Step 0: Simplifying the TC-words

We first break TC-words into “simpler” graphs, so that each node has only one upper/lower time constraint attached to it.

For example,

To maintain atomicity, we use a single extra clock & add a constraint to each event:

ai [0,0]

(55)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Step 0: Simplifying the TC-words

We first break TC-words into “simpler” graphs, so that each node has only one upper/lower time constraint attached to it.

For example,

is converted to:

To maintain atomicity, we use a single extra clock & add a constraint to each event:

ai [0,0]

11

(56)

Step 0: Simplifying the TC-words

We first break TC-words into “simpler” graphs, so that each node has only one upper/lower time constraint attached to it.

For example,

is converted to:

To maintain atomicity, we use a single extra clock & add a constraint to each event:

ai [0,0]

(57)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Step 1: Split-width for timed systems

Now, define split game (see[Aiswarya et. al.’12, ’15])...

12

(58)

Step 1: Split-width for timed systems

Now, define split game (see[Aiswarya et. al.’12, ’15])...

Eve tries to disconnect the graph by cutting process edges.

Positions are simple TC-words with holes.

(59)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Step 1: Split-width for timed systems

Now, define split game (see[Aiswarya et. al.’12, ’15])...

Eve tries to disconnect the graph by cutting process edges.

Positions are simple TC-words with holes.

Adam chooses which connected component to continue.

12

(60)

Step 1: Split-width for timed systems

Now, define split game (see[Aiswarya et. al.’12, ’15])...

Game ends at atomic nodes (no process edges left).

(61)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Step 1: Split-width for timed systems

Now, define split game (see[Aiswarya et. al.’12, ’15])...

Width of such a split simple TC-word = no. ofblocksin it.

Cost of play = max width of split TC-word seen along play.

Split-width = min cost that Eve can achieve.

12

(62)

Step 1: Split-width for timed systems

To bound: split-width of any well-formed simple TC-word, i.e., graph from a timed (pushdown) automaton.

(63)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Step 1: Split-width for timed systems

To bound: split-width of any well-formed simple TC-word, i.e., graph from a timed (pushdown) automaton.

13

(64)

Step 1: Split-width for timed systems

To bound: split-width of any well-formed simple TC-word, i.e., graph from a timed (pushdown) automaton.

Let’s play the game...

(65)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Split-width for timed automata

14

(66)

Split-width for timed automata

(67)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Split-width for timed automata

14

(68)

Split-width for timed automata

(69)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Split-width for timed automata

For any TC-word of a timed automaton In any move of the game, we have:

Each hole is attached to last reset of a clock, holes only widen!

14

(70)

Split-width for timed automata

For any TC-word of a timed automaton In any move of the game, we have:

Each hole is attached to last reset of a clock, holes only widen!

Thus, no. of blocks ≤No. of clocks + 4.

(71)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Split-width for timed pushdown automata

15

(72)

Split-width for timed pushdown automata

(73)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Split-width for timed pushdown automata

15

(74)

Split-width for timed pushdown automata

(75)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Split-width for timed pushdown automata

For any TC-word of a timed pushdown automaton In any move of the game, we have:

Number of blocks ≤4·No. of clocks + 6.

15

(76)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

2 Show a bound on widthof graphs in LTCW(A).

3 Interpret graphs into trees andreduce to a tree automaton B s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

A common framework for timed, pushdown, multi-pushdown automata with bounded rounds.

Robust framework: diagonal guards, etc. Future work

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

(77)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

1 Writebehaviors as graphs with timing constraints LTCW(A).

2 Show a bound on widthof graphs in LTCW(A).

3 Interpret graphs into trees andreduce to a tree automaton B s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

A common framework for timed, pushdown, multi-pushdown automata with bounded rounds.

Robust framework: diagonal guards, etc. Future work

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

16

(78)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

1 Writebehaviors as graphs with timing constraints LTCW(A).

2 Show abound on width of graphs in LTCW(A).

s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

A common framework for timed, pushdown, multi-pushdown automata with bounded rounds.

Robust framework: diagonal guards, etc. Future work

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

(79)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

1 Writebehaviors as graphs with timing constraints LTCW(A).

2 Show abound on width of graphs in LTCW(A).

3 Interpret graphs into trees andreduce to a tree automaton B

s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

A common framework for timed, pushdown, multi-pushdown automata with bounded rounds.

Robust framework: diagonal guards, etc. Future work

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

16

(80)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

1 Writebehaviors as graphs with timing constraints LTCW(A).

2 Show abound on width of graphs in LTCW(A).

3 Interpret graphs into trees andreduce to a tree automaton B s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

automata with bounded rounds.

Robust framework: diagonal guards, etc. Future work

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

(81)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

1 Writebehaviors as graphs with timing constraints LTCW(A).

2 Show abound on width of graphs in LTCW(A).

3 Interpret graphs into trees andreduce to a tree automaton B s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

A common framework for timed, pushdown, multi-pushdown automata with bounded rounds.

Robust framework: diagonal guards, etc. Future work

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

16

(82)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

1 Writebehaviors as graphs with timing constraints LTCW(A).

2 Show abound on width of graphs in LTCW(A).

3 Interpret graphs into trees andreduce to a tree automaton B s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

A common framework for timed, pushdown, multi-pushdown automata with bounded rounds.

Robust framework: diagonal guards, etc.

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

(83)

Introduction Graph behaviors Realizability Emptiness Split-width Conclusion

Conclusion and Future work

A new recipe for analyzing timed systems. Given A,

1 Writebehaviors as graphs with timing constraints LTCW(A).

2 Show abound on width of graphs in LTCW(A).

3 Interpret graphs into trees andreduce to a tree automaton B s.t., Realizations(LTCW(A)) =∅ iff L(B) =∅.

A common framework for timed, pushdown, multi-pushdown automata with bounded rounds.

Robust framework: diagonal guards, etc.

Future work

Concurrent recursive timed programs MSO definability of realizability

Going beyond emptiness. What about model-checking?

16

References

Related documents

dtPDA of [AAS LICS’12] recognise the same class of timed languages as pushdown timed automata of [BER HS’94].. Very strong

Timed automata = finite automata + constraints on timings on edges using clocks.. Recognise timed

Tree automata Class 1: Schema (determinism constraint) Tree automata Class 2: XQuery, XDuce, Relax. Class 0 < Class 1 <

Timed automata and the reachability problem Reachability algorithm with subsumption Limiting the impact of mistakes..

nodes that later will be deleted Idea1: Give priority to big nodes to minimise the effect of a mistake Idea2: use topological order.. to

For example, if the node size (and cache line size) is 64 bytes and a key and a child pointer each occupies 4 bytes, then a B + -Tree can only hold 7 keys per node whereas a CSB +

– Initialized Rectangular Hybrid automata [HKPV98] , – Hybrid Automata with Strong Resets [BBJ + 08] , – Piecewise constant derivative systems [AMP95] , – Multi-Mode Systems

We reduce Minsky machine halting problem to singular hybrid automata reachability